Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: fix rsa key gen with non-default exponent #27092

Closed

Conversation

Projects
None yet
7 participants
@sam-github
Copy link
Member

sam-github commented Apr 4, 2019

EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent
on success, so do not free it.

Fixes: #27087

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
crypto: fix rsa key gen with non-default exponent
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent
on success, so do not free it.

Fixes: #27087

@sam-github sam-github requested a review from tniessen Apr 4, 2019

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

@bnoordhuis
Copy link
Member

bnoordhuis left a comment

LGTM. Good catch.

@@ -146,7 +146,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);

// Now do the same with an encrypted private key.
generateKeyPair('rsa', {
publicExponent: 0x10001,

This comment has been minimized.

Copy link
@mscdex

mscdex Apr 5, 2019

Contributor

Can we keep this exponent in both tests (here and the change above) as an additional test parameter?

This comment has been minimized.

Copy link
@sam-github

sam-github Apr 5, 2019

Author Member

@mscdex exponent 0x10001 is tested 4 times in test-crypto-keygen.js, I don't mind copy and pasting the tests with non-default exponents, but don't think it will increase coverage. Can you confirm you want me to do this? For your reference:

core/node (fix-non-default-exp-rsa-keygen $%) % grep publicExponent test/parallel/test-crypto-keygen.js
    publicExponent: 3,   // I changed this from 0x0001
    publicExponent: 0x10001,
    publicExponent: 0x1001,   // I changed this from 0x0001
    publicExponent: 0x10001,
    publicExponent: 0x10001,
    publicExponent: 0x10001,

This comment has been minimized.

Copy link
@mscdex

mscdex Apr 6, 2019

Contributor

I see, either way is fine then.

@tniessen
Copy link
Member

tniessen left a comment

Doesn't release return the pointer? I am not sure, maybe it doesn't :)

@jasnell

jasnell approved these changes Apr 6, 2019

@sam-github

This comment has been minimized.

Copy link
Member Author

sam-github commented Apr 8, 2019

yes, release both returns the pointer, and nulls it (so the auto ptr doesn't own it). But its the only function to use (I think).

@sam-github

This comment has been minimized.

Copy link
Member Author

sam-github commented Apr 8, 2019

Landed in 0911e88

@sam-github sam-github closed this Apr 8, 2019

@sam-github sam-github deleted the sam-github:fix-non-default-exp-rsa-keygen branch Apr 8, 2019

sam-github added a commit that referenced this pull request Apr 8, 2019

crypto: fix rsa key gen with non-default exponent
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent
on success, so do not free it.

Fixes: #27087

PR-URL: #27092
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>

@tniessen tniessen referenced this pull request Apr 9, 2019

Closed

src: remove unnecessary function call #27143

4 of 4 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.